Puppet Class: nfs::client

Inherits:
::nfs
Defined in:
manifests/client.pp

Summary

Manage configuration and services for a NFS client

Overview

If using the ‘nfs::client::mount` define, this will be automatically called for you.

Parameters:

  • blkmap (Boolean) (defaults to: false)

    Whether to enable the ‘nfs-blkmap.service`

    • Required for parallel NFS (pNFS).

    • Only applicable for NFSv4.1 or later

  • callback_port (Simplib::Port) (defaults to: 876)

    The port used by the server to recall delegation of responsibilities to a NFSv4 client.

    • Only applicable in NFSv4.0. Beginning with NFSv4.1, a separate callback side channel is not required.

  • stunnel (Boolean) (defaults to: $nfs::stunnel)

    Enable ‘stunnel` connections from this client to each NFS server

    • Stunnel can only be used for NFSv4 connections.

    • Can be explicitly configured for each mount in ‘nfs::client::mount`.

  • stunnel_socket_options (Array[String]) (defaults to: $nfs::stunnel_socket_options)

    Additional stunnel socket options to be applied to each stunnel connection to an NFS server

    • Can be explicitly configured for each mount in ‘nfs::client::mount`.

  • stunnel_verify (Integer[0]) (defaults to: $nfs::stunnel_verify)

    The level at which to verify TLS connections

    • Levels:

      * level 0 - Request and ignore peer certificate.
* level 1 - Verify peer certificate if present.
* level 2 - Verify peer certificate.
* level 3 - Verify peer with locally installed certificate.
* level 4 - Ignore CA chain and only verify peer certificate.

    • Can be explicitly configured for each mount in ‘nfs::client::mount`.

  • stunnel_wantedby (Array[String]) (defaults to: ['remote-fs-pre.target'])

    The ‘systemd` targets that need `stunnel` to be active prior to being activated

    • Can be explicitly configured for each mount in ‘nfs::client::mount`.

Author:



53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
# File 'manifests/client.pp', line 53

class nfs::client (
  Boolean          $blkmap                 = false,
  Simplib::Port    $callback_port          = 876,
  Boolean          $stunnel                = $nfs::stunnel,
  Array[String]    $stunnel_socket_options = $nfs::stunnel_socket_options,
  Integer[0]       $stunnel_verify         = $nfs::stunnel_verify,
  Array[String]    $stunnel_wantedby       = ['remote-fs-pre.target']
) inherits ::nfs {

  assert_private()

  include 'nfs::base::config'
  include 'nfs::base::service'
  include 'nfs::client::config'
  include 'nfs::client::service'

  Class['nfs::base::config'] ~> Class['nfs::base::service']
  Class['nfs::client::config'] ~> Class['nfs::client::service']
  Class['nfs::base::service'] ~> Class['nfs::client::service']

  if $nfs::kerberos {
    include 'krb5'

    Class['krb5'] ~> Class['nfs::client::service']

    if $nfs::keytab_on_puppet {
      include 'krb5::keytab'

      Class['krb5::keytab'] ~> Class['nfs::client::service']
    }
  }
}